2b752222f05da7c9d6dce1c850779e68_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b752222f05da7c9d6dce1c850779e68_JaffaCakes118
Size

100KB
MD5

2b752222f05da7c9d6dce1c850779e68
SHA1

1d0c7b2ad9cac8d2c31bdcacbedb6c7038bf6070
SHA256

d633f926be0a02a39ced8a374439754ea5a44c80ee39d09168d97f509bc610b8
SHA512

e43edbc4c320009f607de4a134d25b3d77d476d831bcd4da5b74abc2191170ceab28a7140fe961c71acd81d2dafb7bbcf79fb3b4ffe0b834ebd66b0b14bf89ba
SSDEEP

1536:6THhBkxzf4iD66XUEb3msMf4KsO4eSnsypF+qqjtax+57bma62fR2v:6DuzfxxUs3m3gKX4yGF+XjtakmhWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b752222f05da7c9d6dce1c850779e68_JaffaCakes118

Files

2b752222f05da7c9d6dce1c850779e68_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetCurrentThreadId
DeleteCriticalSection
ResetEvent
GetEnvironmentStrings
LoadLibraryExA
GetSystemDefaultLangID
DeleteFileA
InitializeCriticalSection
GetCommandLineA
CloseHandle
SetLastError
FormatMessageA
LoadResource
GetOEMCP
LoadLibraryA
GetProcAddress
lstrlenA
HeapDestroy
MulDiv
ExitThread
GetACP
SetErrorMode
SizeofResource
lstrcpynA
CompareStringA
FindFirstFileA
ExitProcess
VirtualQuery
GlobalAddAtomA
GetCurrentProcess
FindClose
GetFullPathNameA
Sleep
GetUserDefaultLCID
GetStartupInfoA
WaitForSingleObject
GetCurrentThread
SetHandleCount
SetThreadLocale
VirtualAlloc
HeapFree
GetModuleHandleA
VirtualFree
ReadFile
CreateFileA
lstrcpyA
lstrcmpiA
GetStringTypeW
EnterCriticalSection
GlobalFindAtomA
VirtualAllocEx
LockResource
GetTickCount
GetCPInfo
LocalAlloc
CreateThread
GetVersionExA
lstrcatA
LocalReAlloc
GetDiskFreeSpaceA
GetFileType
GlobalDeleteAtom
GetLastError
GetStdHandle
GetDateFormatA
RaiseException
LocalFree
GetLocalTime

advapi32

RegCreateKeyA

msvcrt

memmove
tan
rand
strncmp
memcmp

shlwapi

SHSetValueA
SHDeleteKeyA
SHStrDupA
SHEnumValueA
PathIsDirectoryA
SHQueryValueExA
PathFileExistsA
PathIsContentTypeA

oleaut32

SafeArrayGetElement
SysReAllocStringLen
SafeArrayCreate
VariantChangeType
SafeArrayGetUBound
SysFreeString
GetErrorInfo
SafeArrayPtrOfIndex

user32

IsWindowVisible
GetMenuItemInfoA
EnableWindow
CreatePopupMenu
SetWindowPos
SystemParametersInfoA
IsWindowEnabled
ShowWindow
GetClassLongA
MessageBoxA
TrackPopupMenu
GetActiveWindow
EnumWindows
DispatchMessageA
GetMessagePos
GetWindow
GetSysColorBrush
CallWindowProcA
GetClientRect
GetPropA
GetForegroundWindow
FrameRect
GetCursor
EnableScrollBar
DefWindowProcA
GetSubMenu
GetSysColor
IsChild
GetScrollRange
GetClipboardData
GetDC
GetFocus
EnableMenuItem
GetCapture
CreateMenu
CallNextHookEx

comctl32

ImageList_Destroy
ImageList_DragShowNolock
ImageList_Draw
ImageList_GetBkColor

shell32

SHGetDesktopFolder
SHGetFolderPathA

ole32

CoReleaseMarshalData
CoGetObjectContext
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateFreeThreadedMarshaler
WriteClassStm
CoCreateInstanceEx
CLSIDFromProgID
StringFromIID

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64625ab46ced8aa0a09a58814b602a07

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

shlwapi

oleaut32

user32

comctl32

shell32

ole32

Sections

.text Size: 47KB - Virtual size: 46KB

.bss Size: 512B - Virtual size: 412B

.idata Size: 47KB - Virtual size: 46KB

.rdata Size: 1KB - Virtual size: 1KB

.init Size: 2KB - Virtual size: 2KB

.text
Size: 47KB - Virtual size: 46KB

.bss
Size: 512B - Virtual size: 412B

.idata
Size: 47KB - Virtual size: 46KB

.rdata
Size: 1KB - Virtual size: 1KB

.init
Size: 2KB - Virtual size: 2KB